The following issues were found
numpy/core/src/multiarray/array_coercion.c
2 issues
Line: 462
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
res = -1;
goto finish;
}
char *args[2] = {data, item};
const npy_intp strides[2] = {0, 0};
const npy_intp length = 1;
if (cast_info.func(&cast_info.context,
args, &length, strides, cast_info.auxdata) < 0) {
res = -1;
Reported by FlawFinder.
Line: 996
Column: 13
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
* Special case for reverse broadcasting, ignore max_dims if this
* is a single array-like object; needed for PyArray_CopyObject.
*/
memcpy(out_shape, PyArray_SHAPE(arr),
PyArray_NDIM(arr) * sizeof(npy_intp));
max_dims = PyArray_NDIM(arr);
}
else if (update_shape(curr_dims, &max_dims, out_shape,
PyArray_NDIM(arr), PyArray_SHAPE(arr), NPY_FALSE, flags) < 0) {
Reported by FlawFinder.
numpy/f2py/tests/src/array_from_pyobj/wrapmodule.c
2 issues
Line: 94
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
PyArrayObject *arr = NULL;
PyObject *dimensions = NULL;
PyObject *strides = NULL;
char s[100];
int i;
memset(s,0,100);
if (!PyArg_ParseTuple(capi_args,"O!|:wrap.attrs",
&PyArray_Type,&arr_capi))
return NULL;
Reported by FlawFinder.
Line: 101
Column: 3
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
&PyArray_Type,&arr_capi))
return NULL;
arr = (PyArrayObject *)arr_capi;
sprintf(s,"%p",PyArray_DATA(arr));
dimensions = PyTuple_New(PyArray_NDIM(arr));
strides = PyTuple_New(PyArray_NDIM(arr));
for (i=0;i<PyArray_NDIM(arr);++i) {
PyTuple_SetItem(dimensions,i,PyLong_FromLong(PyArray_DIM(arr,i)));
PyTuple_SetItem(strides,i,PyLong_FromLong(PyArray_STRIDE(arr,i)));
Reported by FlawFinder.
tools/ci/test_all_newsfragments_used.py
2 issues
Line: 1
Column: 1
#!/usr/bin/env python3
import sys
import toml
import os
path = toml.load("pyproject.toml")["tool"]["towncrier"]["directory"]
fragments = os.listdir(path)
Reported by Pylint.
Line: 5
Column: 1
import sys
import toml
import os
path = toml.load("pyproject.toml")["tool"]["towncrier"]["directory"]
fragments = os.listdir(path)
fragments.remove("README.rst")
Reported by Pylint.
numpy/core/include/numpy/ndarraytypes.h
2 issues
Line: 355
Column: 22
CWE codes:
134
Suggestion:
Use a constant for the format specification
#define NPY_AUXDATA_CLONE(auxdata) \
((auxdata)->clone(auxdata))
#define NPY_ERR(str) fprintf(stderr, #str); fflush(stderr);
#define NPY_ERR2(str) fprintf(stderr, str); fflush(stderr);
/*
* Macros to define how array, and dimension/strides data is
* allocated.
Reported by FlawFinder.
Line: 356
Column: 23
CWE codes:
134
Suggestion:
Use a constant for the format specification
((auxdata)->clone(auxdata))
#define NPY_ERR(str) fprintf(stderr, #str); fflush(stderr);
#define NPY_ERR2(str) fprintf(stderr, str); fflush(stderr);
/*
* Macros to define how array, and dimension/strides data is
* allocated.
*/
Reported by FlawFinder.
numpy/core/src/multiarray/convert_datatype.c
2 issues
Line: 1984
Column: 9
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if they simply memcpy it into a ndarray without using
setitem(), refcount errors will occur
*/
memcpy(zeroval, &zero_obj, sizeof(PyObject *));
return zeroval;
}
storeflags = PyArray_FLAGS(arr);
PyArray_ENABLEFLAGS(arr, NPY_ARRAY_BEHAVED);
ret = PyArray_SETITEM(arr, zeroval, zero_obj);
Reported by FlawFinder.
Line: 2030
Column: 9
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if they simply memcpy it into a ndarray without using
setitem(), refcount errors will occur
*/
memcpy(oneval, &one_obj, sizeof(PyObject *));
return oneval;
}
storeflags = PyArray_FLAGS(arr);
PyArray_ENABLEFLAGS(arr, NPY_ARRAY_BEHAVED);
Reported by FlawFinder.
numpy/core/src/multiarray/datetime.c
2 issues
Line: 80
Column: 15
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
}
/* Exported as DATETIMEUNITS in multiarraymodule.c */
NPY_NO_EXPORT char const *_datetime_strings[NPY_DATETIME_NUMUNITS] = {
"Y",
"M",
"W",
"<invalid>",
"D",
Reported by FlawFinder.
Line: 3513
Column: 17
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
/* If the string is all full, use the buffer */
if (tmp == NULL) {
memcpy(tmp_buffer, data, maxlen);
tmp_buffer[maxlen] = '\0';
tmp_meta.base = NPY_FR_ERROR;
if (parse_iso_8601_datetime(tmp_buffer, maxlen, -1,
NPY_UNSAFE_CASTING, &dts,
Reported by FlawFinder.
numpy/core/src/multiarray/datetime_busdaycal.c
2 issues
Line: 449
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
}
/* Copy the weekmask data */
memcpy(PyArray_DATA(ret), self->weekmask, 7);
return (PyObject *)ret;
}
static PyObject *
Reported by FlawFinder.
Line: 475
Column: 9
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
/* Copy the holidays */
if (size > 0) {
memcpy(PyArray_DATA(ret), self->holidays.begin,
size * sizeof(npy_datetime));
}
return (PyObject *)ret;
}
Reported by FlawFinder.
numpy/core/src/multiarray/dtypemeta.c
2 issues
Line: 583
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
.flags = NPY_DT_LEGACY,
/* Further fields are not common between DTypes */
};
memcpy(dtype_class, &prototype, sizeof(PyArray_DTypeMeta));
/* Fix name of the Type*/
((PyTypeObject *)dtype_class)->tp_name = tp_name;
dtype_class->dt_slots = dt_slots;
/* Let python finish the initialization (probably unnecessary) */
Reported by FlawFinder.
Line: 538
Column: 30
CWE codes:
126
if (dot) {
scalar_name = dot + 1;
}
Py_ssize_t name_length = strlen(scalar_name) + 14;
char *tp_name = PyMem_Malloc(name_length);
if (tp_name == NULL) {
PyErr_NoMemory();
return -1;
Reported by FlawFinder.
doc/source/user/plot_final.py
2 issues
Line: 1
Column: 1
from scipy import misc
import matplotlib.pyplot as plt
import numpy as np
from numpy import linalg
img = misc.face()
img_array = img / 255
img_array_transposed = np.transpose(img_array, (2, 0, 1))
Reported by Pylint.
Line: 1
Column: 1
from scipy import misc
import matplotlib.pyplot as plt
import numpy as np
from numpy import linalg
img = misc.face()
img_array = img / 255
img_array_transposed = np.transpose(img_array, (2, 0, 1))
Reported by Pylint.
numpy/core/src/multiarray/number.c
2 issues
Line: 103
Column: 9
CWE codes:
126
Suggestion:
This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it
SET(bitwise_xor);
SET(less);
SET(less_equal);
SET(equal);
SET(not_equal);
SET(greater);
SET(greater_equal);
SET(floor_divide);
SET(true_divide);
Reported by FlawFinder.
Line: 170
Column: 9
CWE codes:
126
Suggestion:
This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it
GET(bitwise_xor);
GET(less);
GET(less_equal);
GET(equal);
GET(not_equal);
GET(greater);
GET(greater_equal);
GET(floor_divide);
GET(true_divide);
Reported by FlawFinder.